CVE-2007-2343
Summary
| CVE | CVE-2007-2343 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-04-27 17:19:00 UTC |
| Updated | 2011-03-08 02:54:00 UTC |
| Description | Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Enterasys | Netsight Console | All | All | All | All |
| Application | Enterasys | Netsight Inventory Manager | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Enterasys NetSight TFTPD and BOOTPD Servers Permit Remote Code Execution and Denial of Service Attacks - SecurityTracker | SECTRACK | www.securitytracker.com | |
| 20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities | IDEFENSE | labs.idefense.com | Vendor Advisory |
| Page not found - Extreme Networks | CONFIRM | www.enterasys.com | Patch |
| 34627 | OSVDB | osvdb.org | |
| Enterasys Networks NetSight Products TFTPD/BOOTPD Vulnerabilities - Secunia.com | SECUNIA | secunia.com | Exploit, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.